Resolving beacons.gcp.gvt2.com occasionally returns SERVFAIL

[Matt Nordhoff]

From my location in Florida, a small(?) percentage of queries to Google Public DNS for beacons.gcp.gvt2.com return SERVFAIL.

I hit the Atlanta PoP. (It's definitely where you query authoritative nameservers from. It's also where "traceroute 8.8.8.8" goes.)

My ISP is Spectrum.

I'm fairly certain my DNS queries aren't being intercepted, but everyone says that, right?

I can't reproduce it from another ISP that also hits Atlanta.

gvt2.com is a Google domain, so it really shouldn't ever fail...

For example:

$ dig @8.8.8.8 beacons.gcp.gvt2.com

; <<>> DiG 9.9.5-3ubuntu0.17-Ubuntu <<>> @8.8.8.8 beacons.gcp.gvt2.com

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12767

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;beacons.gcp.gvt2.com. IN A

;; Query time: 56 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Tue Jul 31 16:14:55 UTC 2018

;; MSG SIZE  rcvd: 49

$ dig @8.8.8.8 beacons.gcp.gvt2.com

; <<>> DiG 9.9.5-3ubuntu0.17-Ubuntu <<>> @8.8.8.8 beacons.gcp.gvt2.com

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37921

;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;beacons.gcp.gvt2.com. IN A

;; ANSWER SECTION:

beacons.gcp.gvt2.com. 58 IN CNAME beacons-handoff.gcp.gvt2.com.

beacons-handoff.gcp.gvt2.com. 245 IN A 108.177.122.94

;; Query time: 22 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Tue Jul 31 16:14:57 UTC 2018

;; MSG SIZE  rcvd: 95